General

  • Target: a10b31ebc866976d713257235b05fef7.exe
  • Size: 290KB
  • Sample: 240107-ymc4psdbcr
  • MD5: a10b31ebc866976d713257235b05fef7
  • SHA1: 1cc117b73ed9542d2f70d9d3de1464280da0d1e3
  • SHA256: 0ccd034bd27aede87e51822520c1b63c51190d002cba693f8544157227b5f0ec
  • SHA512: 830073cbb4407d15af4a13b968e916f1b4b663fabd05e576ec53daa379de4799c8d8fdeea2c6c85e73380484154984d518072db17e51f283f2f0dcd25107ea4a
  • SSDEEP: 6144:DXLEP5aTASzxRpY1PWuo/FP/YUMbso6SUSYFzzHYo2Tjfxe5:D+udRpY1Xo/p/1Mbr6SUSKzHx2Tz

Malware Config

Extracted

Family

zloader

Botnet

googleaktualizacija

Campaign

googleaktualizacija2

C2

https://iqowijsdakm.com/gate.php

https://wiewjdmkfjn.com/gate.php

https://dksaoidiakjd.com/gate.php

https://iweuiqjdakjd.com/gate.php

https://yuidskadjna.com/gate.php

https://olksmadnbdj.com/gate.php

https://odsakmdfnbs.com/gate.php

https://odsakjmdnhsaj.com/gate.php

https://odjdnhsaj.com/gate.php

https://odoishsaj.com/gate.php

Attributes

  • build_id: 156

rc4.plain
rsa_pubkey.plain

Targets

    • Target: a10b31ebc866976d713257235b05fef7.exe
    • Size: 290KB
    • MD5: a10b31ebc866976d713257235b05fef7
    • SHA1: 1cc117b73ed9542d2f70d9d3de1464280da0d1e3
    • SHA256: 0ccd034bd27aede87e51822520c1b63c51190d002cba693f8544157227b5f0ec
    • SHA512: 830073cbb4407d15af4a13b968e916f1b4b663fabd05e576ec53daa379de4799c8d8fdeea2c6c85e73380484154984d518072db17e51f283f2f0dcd25107ea4a
    • SSDEEP: 6144:DXLEP5aTASzxRpY1PWuo/FP/YUMbso6SUSYFzzHYo2Tjfxe5:D+udRpY1Xo/p/1Mbr6SUSKzHx2Tz

    • Zloader, Terdot, DELoader, ZeusSphinx

      Zloader is a malware strain that was initially discovered back in August 2015.

MITRE ATT&CK Matrix

Tasks